﻿// description  : 访问控制过滤器
// author       : tristan
// created      : 2011/2/16
// contact      : snaprack@gmail.com


namespace RBAC
{
    using System;
    using System.Web;
    /// <summary>
    /// 访问控制过滤器, 用于拦截请求, 并检查访问是否已授权
    /// </summary>
    public class AccessControlModule : IHttpModule
    {
        public void Init(HttpApplication context)
        {
            context.AuthenticateRequest += new EventHandler(AuthenticateRequest);
        }

        public virtual void AuthenticateRequest(object sender, EventArgs e)
        {
            IAccessHandler handler = AccessHandlerFactory.GetHandler(sender);

            if (handler.Validate())
            {
                IAccessControl ctrl = handler.GetAccessControl();

                if (!ctrl.Accessible)
                {
                    throw new AccessControlException("不允许访问!");
                }
            }
        }

        public virtual void Dispose()
        {
            // do nothing.
        }
    }

}
